US20020174338A1 - Digital signature verification apparatus - Google Patents
Digital signature verification apparatus Download PDFInfo
- Publication number
- US20020174338A1 US20020174338A1 US09/940,594 US94059401A US2002174338A1 US 20020174338 A1 US20020174338 A1 US 20020174338A1 US 94059401 A US94059401 A US 94059401A US 2002174338 A1 US2002174338 A1 US 2002174338A1
- Authority
- US
- United States
- Prior art keywords
- digital signature
- data
- signature
- information
- digital
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/60—Digital content management, e.g. content distribution
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/68—Special signature format, e.g. XML format
Definitions
- the present invention relates to a technology for verifying digital signatures and in particular to a technology which is capable of displaying data upon which at least one digital signature is put.
- a method of representing the fact that data is digitally signed includes an Authenticode technique which is described in, for example, “Web security and commerce” par. 9.2 “Authenticode technique of Microsoft” to par. 9.4 “other code signature method”, 1998, O'Reilly Japan, Co. Ltd. This technology is adapted to display a certificate when it detects a signature.
- a technology to represent the state of multiple signature includes a multiple-signature apparatus as is disclosed in JP-A-2000-293102 entitled “Digital multiple-signature apparatus and recording medium”.
- the present invention has features as follows:
- the data which is an object of the digital signature is related with the information representative of the range of the object of the digital signature involved.
- the data which is an object of the digital signature may be a partial data in a predetermined unit.
- An example of the predetermined unit may be one file.
- a digital signature object data identifier is annexed to a digital signature file as an information which represents the range of the digital signature object.
- the range of the digital signature object (partial data) is detected based upon the digital signature object data identifier which is attached to the entered digital signature file. Detecting the range of the digital signature object includes detecting what data is included in the digital signature file by analyzing the digital signature file.
- the present invention further includes correlation of the content of the range of the digital signature object with the data related with the digital signature and displaying it.
- the data which is related with the digital signature includes information on an apparatus or user that has put the digital signature. Displaying with correlation includes displaying on the same display.
- FIG. 1 is a view showing a digital signature data dsign.xml which is displayed by the digital signature display system of one embodiment of the present invention
- FIG. 2 is a schematic diagram showing the digital signature display system of the embodiment of the present invention.
- FIG. 3 is a flow chart showing the processing procedure of the digital signature analyzing and processing unit 210 of the present embodiment of the present invention.
- FIG. 4 is a flow chart showing a process of the digital signature display image generating and processing unit 211 of the embodiment of the present invention.
- FIG. 5 is a diagram showing the digital signature data dsign.xml
- FIG. 6 is a diagram showing an example of the digital signature information which is obtained by processing the digital signature data dsign.xml in the digital signature analyzing and processing unit 210 ;
- FIG. 7 is a view showing an example of the display of the digital signature data dsign.xml
- FIG. 8 is a view showing an example of the display of the digital signature data dsign.xml, which is added with a frame representing the data which is represented by an identifier ALL;
- FIG. 9 is a diagram showing the digital signature data dsign2.xml
- FIG. 10 is a diagram showing an example of the digital signature information which is obtained by processing the digital signature data dsign2.xml in the digital signature analyzing and processing unit 210 ;
- FIG. 11 is a view showing the digital signature data dsign2.xml which is displayed by the digital signature display system of the embodiment of the present invention.
- FIG. 12 is a diagram showing the digital signature data dsign3.xml
- FIG. 13 is a diagram showing an example of the digital signature information which is obtained by processing the digital signature data dsign3.xml in the digital signature analyzing and processing unit 210 ;
- FIG. 14 is a view showing the digital signature data dsign3.xml which is displayed by the digital signature display system of the embodiment of the present invention.
- FIG. 2 is a diagram showing the schematic structure of the digital signature display apparatus of the present embodiment.
- the digital signature display apparatus of the present embodiment comprises a CPU 201 , memory 202 , magnetic disc unit 203 , entry unit 204 , display unit 205 and a network connection unit 206 .
- the CPU 201 controls an operation and a processing of the whole of the digital signature display apparatus.
- the memory 202 is a storage for loading therein various processing programs and data to control the operation of the whole of the digital signature display apparatus.
- the magnetic disc unit 203 is a storage to store the above-mentioned various processing programs and data.
- the entry unit 204 inputs operator guidance and the like to the digital signature display apparatus.
- the display unit 205 displays states of the operation of the digital signature display unit and the states of digital signature.
- the network connection unit 206 connects the digital signature display apparatus to the network to receive and transmit data from and to the other devices which are connected to the network.
- the digital signature display apparatus further comprises a digital signature analyzing and processing unit 210 and a digital signature display image generating and processing unit 211 .
- the digital signature analyzing and processing unit 210 is a processing unit for inputting a digital signature file designated by the entry unit 204 , verifying the data signed digitally and the validity of the digital signature, analyzing informations of a digital signatory and outputting a result of the analysis.
- the digital signature display image generating and processing unit 211 is a processing unit for inputting the analysis result output from the digital signature analyzing and processing unit 210 , generating a digital signature display image and displaying the image on the display unit 205 .
- the program which causes the digital signature display system to operate as the digital signature analyzing and processing unit 210 and the digital signature display image generating and processing unit 211 is loaded on the memory and executed, after recorded on a recording medium such as CD-ROM and the like.
- the recording medium for recording the program may be any recording media other than CD-ROM.
- the program may be distributed over the network.
- the digital signature may be conducted according to a specification, for example, XML-signature which are being defined by W3C, a standard organization.
- An example of dsign.xml of the digital signature file which conforms with XML is illustrated in FIG. 5.
- the present digital signature file represents digital signature information between tag ⁇ signature> in line 002 to ⁇ /signature> in line 023 .
- a signature object data identifier 501 “ALL” designated in the tag ⁇ Reference> in line 005 is an identification which identifies the signature object data.
- FIG. 3 is a flow chart showing the process of the digital signature analyzing and processing unit 210 of the digital signature display apparatus of the present embodiment. As shown in FIG. 3, the digital signature analyzing and processing unit 210 receives the digital signature file name entered from the entry unit 204 and analyzes the digital signature.
- the designated digital signature file dsign.xml shown in FIG. 5 is read from the magnetic disc unit 203 , and the digital signature is retrieved from the file.
- the presence of the digital signature is recognized by retrieving the data enclosed between the tags ⁇ Signature> and ⁇ /Signature>.
- step 302 if there is no digital signature in the designated digital signature file, or only digital signatures already analyzed therein, then the processing is terminated. If a digital signature not analyzed is detected, the program sequence proceeds to step 303 .
- the detected digital signature is analyzed to retrieve the digital signature object data.
- the term “identifier” used herein is data which identifies the particular data.
- the data identified by the identifier may be external of the digital signature file.
- the digital signature object data identifier is represented in, for example, URI form.
- digital signature data file The file which includes the digital signature object data is hereinafter referred to as “digital signature data file”.
- step 304 verification of the digital signature is performed to determined whether or not the digital signature is true, and an information on the signatory is obtained.
- step 305 the field of the digital signature object data established at step 303 , the digital signature object data file name, the signatory obtained at step 304 and the result of the signature verification are output as a digital signature analysis result.
- the result comprises the digital signature file name, signatory information, digital signature object data file name, signature object data identifier and the signature verification result.
- step 302 After outputting the digital signature analysis result, the program sequence returns to step 302 again. If there is unanalyzed digital signature, steps 303 to 304 are repeated. When the analysis of the digital signature existing in the digital signature file is completed, then processing is terminated. The processing may be terminated subject to a completion of analysis of all target digital signatures.
- the digital signature display image generating and processing unit 211 After termination of the processing of the digital signature analyzing and processing unit 210 , processing in the digital signature display image generating and processing unit 211 is initiated. As shown in FIG. 4, the digital signature display image generating and processing unit 211 inputs the digital signature analysis result from the digital signature analyzing and processing unit 210 and generates an image representing the digital signature object.
- step 401 the digital signature analysis result from the digital signature analyzing and processing unit is input.
- step 402 if undisplayed digital signature analysis result is not in the digital signature analysis result, the processing is terminated.
- the program sequence will proceed to step 403 .
- step 403 the digital signature object data file shown in the undisplayed digital signature analysis result is displayed.
- the processing is omitted.
- An example of the display of the digital signature object data file dsign.xml in case of FIG. 6 is shown in FIG. 7.
- a frame which represents the field of the digital signature object data among the digital signature object data file displayed at step 403 , is generated.
- a display example in case of FIG. 6 is shown in FIG. 8.
- a reference numeral 101 denotes the frame which represents the field of the digital signature object data.
- a result of the digital signature analysis which is represented by the frame indicating the field of the digital signature object data displayed at step 404 , is displayed.
- An example of the display in case of FIG. 6 is shown in FIG. 1.
- Reference numerals 101 and 102 denote the frame representing the field of the digital signature object data and the digital signature analysis result represented by the frame 101 , respectively.
- the signature analysis result may be displayed by colors or symbols other than character array as shown in FIG. 1.
- the signature verification result may be represented by, for example, the color of the display frame 101 .
- step 405 the program sequence will returns to step 402 again. If undisplayed digital signature analysis result exists, then steps 403 to 405 are repeated. When generation of the image of the digital signature analysis result is completed, the processing is terminated. The processing may be terminated subject to a completion of the generation of all of the images of the digital signature analysis results.
- the digital signature display apparatus of the present embodiment it is possible to confirm what contents are digitally signed by whom without requiring a number of operations to display the information on the signatory and the data content of the signature object on a screen.
- digital signature analyzing and processing unit 210 and the digital signature display image generating and processing unit 211 are implemented in all-in-one device in present embodiment, they may be implemented by discrete devices.
- FIG. 9 shows an example of second digital signature file dsign 2. xml which is described in XML.
- the second digital signature file comprises a first digital signature 901 of tag ⁇ Signature> in line 002 to tag ⁇ /signature> in line 023 and a second digital signature 903 in lines 024 to 045 .
- a tag signature object data identifier 902 in FIG. 9 identifies the signature object data of the first digital signature 901 .
- the identifier 902 is designated in the tag ⁇ Reference>.
- a specific example of the identifier 902 may be “http://home/dsign.htm#author”.
- the signature object identifier 904 in FIG. 9 is an identifier for identifying the signature object data of the second digital signature 903 .
- a detailed example of the signature object identifier 904 may be “http://home/dsign.html#title”.
- a result which is obtained by processing such a second digital signature file in said digital signature analyzing and processing unit 210 is shown in FIG. 10.
- FIG. 10 shows a result of the digital signature analyzing of the second digital signature file.
- Reference numeral 1001 in the drawing denotes a result of digital signature analysis of the first digital signatures 901
- reference numeral 1002 in the drawing denotes a result of digital signature analysis of the second digital signatures 903 .
- a digital signature display image is generated by processing the result of the digital signature analysis shown in FIG. 10 in the digital signature display image generating and processing unit 211 .
- FIG. 1101 denotes the range of the signature object of the first digital signature 901 .
- Signature information 1102 is the information relating to the signature analyzing result of the first digital signature 901 .
- a display frame 1103 denotes the range of the signature object of the second digital signature 903 and signature information 1104 is information relating to the signature analyzing result of the second digital signature 903 .
- the digital signature display apparatus of the present embodiment it is possible to confirm what content is digitally signed by whom without requiring a number of operations to display the content of the digital signature object file, the field of the digital signature object and the information on the digital signatory on one screen even if the data of the digital signature object is part of the file. It is also possible to do so if one signature object file is signed by a plurality of signatories.
- FIG. 12 shows an example of a third digital signature file dsign3.xml which is described in XML.
- the third digital signature file comprises the first digital signature 1201 in lines 002 to 018 and the second digital signature 1203 in lines 020 to 036 .
- the signature object data of the first digital signature 1201 is a field 1202 represented by an identifier “ALL” in lines 019 to 049 .
- the data which is the object of verification of the second digital signature 1203 is a field 1204 represented by an identifier “title” in lines 037 to 048 .
- a result obtained by processing the third digital signature file in the digital signature analyzing and processing unit 210 is shown in FIG. 13.
- FIG. 13 shows the result of the digital signature analysis of the third digital signature file.
- Reference numeral 1301 in the drawing denotes a result of digital signature analysis of the first digital signatures 1201
- reference numeral 1302 in the drawing denotes a result of digital signature analysis of the second digital signatures 1203 .
- a digital signature display image is generated by processing the result of the digital signature analysis shown in FIG. 13 in the digital signature display image generating and processing unit 211 .
- FIG. 14 An example of the displayed image of the third digital signature file is shown in FIG. 14.
- a display frame 1401 denotes the range of the signature object of the first digital signature 1201 .
- Signature information 1402 is the information relating to the signature analyzing result of the first digital signature 1201 .
- a display frame 1403 denotes the range of the signature object of the second digital signature 1203 and signature information 1404 is information relating to the signature analyzing result of the second digital signature 903 .
- the first digital signature 1201 is the signature for the field represented by the identifier “title” and the data including the second digital signature 1203 .
- the digital signature display apparatus of the present embodiment it is possible to confirm what content is digitally signed by whom based upon the relationship of inclusion of the fields of the digital signature objects even if the data of the digital signature object is signed by a plurality of digital signatories.
- a way of displaying the field of the signature object data in accordance with the present invention is not limited to the above-mentioned embodiments. For example, it may be displayed by displaying the changed color of the screen background in lieu of frame line in the embodiments.
- the content of the display of the signature information in accordance with the present invention is not limited to the above-mentioned embodiments.
- the information on the signatory and the signature verification result of the embodiment may be displayed.
- the signature verification result may be displayed.
- the signature verification result may be separately displayed.
- the method of digital signature in accordance with the present invention is not limited to the above-mentioned embodiments.
- the present invention is applicable to another method of digital signature including at least the signature object data and information specifying the information on the signatory.
- the present invention may be embodied without departing from the gist that the content of the file including digitally signed data, the field of the digital signature object and the signature information is displayed in means for representing the digital signature.
Abstract
Description
- The present invention relates to a technology for verifying digital signatures and in particular to a technology which is capable of displaying data upon which at least one digital signature is put.
- As to documents such as contracts which are made among entities such as government offices and privately-owned corporations, exchanging of electronic documents which are prepared by using information processing devices such as computers has been increased in lieu of exchanging paper documents. On exchanging of electronic documents, electronic signatures (digital signatures) have been used for authentication of person identification or protection against tampering by unauthorized persons. The technology of the digital signature per se is described in, for example, “Digital signature and encryption technology”, par. 4.3 “digital signature”, Piason Education (1997).
- Various digital signature such as multiple-signature in which a digital signature is further put on digitally signed data, and partial signature is which digital signature is put on only a specified portion of the data have been proposed. It is possible to put a plurality of digital signatures by utilizing these schemes.
- A method of representing the fact that data is digitally signed includes an Authenticode technique which is described in, for example, “Web security and commerce” par. 9.2 “Authenticode technique of Microsoft” to par. 9.4 “other code signature method”, 1998, O'Reilly Japan, Co. Ltd. This technology is adapted to display a certificate when it detects a signature. A technology to represent the state of multiplesignature includes a multiple-signature apparatus as is disclosed in JP-A-2000-293102 entitled “Digital multiple-signature apparatus and recording medium”.
- The correspondence relationship between digital signature and data to be digitally signed has not heretofore been considered.
- Since the correspondence relationship has not been considered as mentioned above, in the prior art, only the file name is displayed as information on the data signed, when the fact that the data is digitally signed is displayed. Accordingly, there is a problem that the content of the data signed digitally can not be readily confirmed.
- And, XML (Extensible Markup Language) documents, which have recently attracted attention, is possible to put a partial signature which specifies a part of file as a signature object. However, it is difficult for the above-mentioned prior art which assumes to put digital signature on the whole of the file, to immediately confirm the partial signature and the content of the signature object data.
- It is an object of the present invention to readily confirm the digital signature and the content of its signature object data (file).
- In order to accomplish the above-mentioned object, the present invention has features as follows:
- The data which is an object of the digital signature is related with the information representative of the range of the object of the digital signature involved. The data which is an object of the digital signature may be a partial data in a predetermined unit. An example of the predetermined unit may be one file.
- The present invention also has features as follows: A digital signature object data identifier is annexed to a digital signature file as an information which represents the range of the digital signature object. The range of the digital signature object (partial data) is detected based upon the digital signature object data identifier which is attached to the entered digital signature file. Detecting the range of the digital signature object includes detecting what data is included in the digital signature file by analyzing the digital signature file.
- The present invention further includes correlation of the content of the range of the digital signature object with the data related with the digital signature and displaying it. The data which is related with the digital signature includes information on an apparatus or user that has put the digital signature. Displaying with correlation includes displaying on the same display.
- FIG. 1 is a view showing a digital signature data dsign.xml which is displayed by the digital signature display system of one embodiment of the present invention;
- FIG. 2 is a schematic diagram showing the digital signature display system of the embodiment of the present invention;
- FIG. 3 is a flow chart showing the processing procedure of the digital signature analyzing and
processing unit 210 of the present embodiment of the present invention; - FIG. 4 is a flow chart showing a process of the digital signature display image generating and
processing unit 211 of the embodiment of the present invention; - FIG. 5 is a diagram showing the digital signature data dsign.xml;
- FIG. 6 is a diagram showing an example of the digital signature information which is obtained by processing the digital signature data dsign.xml in the digital signature analyzing and
processing unit 210; - FIG. 7 is a view showing an example of the display of the digital signature data dsign.xml;
- FIG. 8 is a view showing an example of the display of the digital signature data dsign.xml, which is added with a frame representing the data which is represented by an identifier ALL;
- FIG. 9 is a diagram showing the digital signature data dsign2.xml;
- FIG. 10 is a diagram showing an example of the digital signature information which is obtained by processing the digital signature data dsign2.xml in the digital signature analyzing and
processing unit 210; - FIG. 11 is a view showing the digital signature data dsign2.xml which is displayed by the digital signature display system of the embodiment of the present invention;
- FIG. 12 is a diagram showing the digital signature data dsign3.xml;
- FIG. 13 is a diagram showing an example of the digital signature information which is obtained by processing the digital signature data dsign3.xml in the digital signature analyzing and
processing unit 210; and - FIG. 14 is a view showing the digital signature data dsign3.xml which is displayed by the digital signature display system of the embodiment of the present invention.
- Now, a digital signature display apparatus of an embodiment for displaying the digital signature will be described.
- FIG. 2 is a diagram showing the schematic structure of the digital signature display apparatus of the present embodiment. As shown in FIG. 2, the digital signature display apparatus of the present embodiment comprises a
CPU 201,memory 202,magnetic disc unit 203,entry unit 204,display unit 205 and anetwork connection unit 206. - The
CPU 201 controls an operation and a processing of the whole of the digital signature display apparatus. Thememory 202 is a storage for loading therein various processing programs and data to control the operation of the whole of the digital signature display apparatus. - The
magnetic disc unit 203 is a storage to store the above-mentioned various processing programs and data. Theentry unit 204 inputs operator guidance and the like to the digital signature display apparatus. Thedisplay unit 205 displays states of the operation of the digital signature display unit and the states of digital signature. Thenetwork connection unit 206 connects the digital signature display apparatus to the network to receive and transmit data from and to the other devices which are connected to the network. - The digital signature display apparatus further comprises a digital signature analyzing and
processing unit 210 and a digital signature display image generating andprocessing unit 211. - The digital signature analyzing and
processing unit 210 is a processing unit for inputting a digital signature file designated by theentry unit 204, verifying the data signed digitally and the validity of the digital signature, analyzing informations of a digital signatory and outputting a result of the analysis. - The digital signature display image generating and
processing unit 211 is a processing unit for inputting the analysis result output from the digital signature analyzing andprocessing unit 210, generating a digital signature display image and displaying the image on thedisplay unit 205. - It is supposed that the program which causes the digital signature display system to operate as the digital signature analyzing and
processing unit 210 and the digital signature display image generating andprocessing unit 211 is loaded on the memory and executed, after recorded on a recording medium such as CD-ROM and the like. The recording medium for recording the program may be any recording media other than CD-ROM. Alternatively, the program may be distributed over the network. - The digital signature may be conducted according to a specification, for example, XML-signature which are being defined by W3C, a standard organization. An example of dsign.xml of the digital signature file which conforms with XML is illustrated in FIG. 5. The present digital signature file represents digital signature information between tag <signature> in
line 002 to </signature> inline 023. A signatureobject data identifier 501 “ALL” designated in the tag <Reference> inline 005 is an identification which identifies the signature object data. The data represented by saididentifier 501 “ALL” is enclosed by the tags <Object id=“All” inline 024 to </Object> inline 046 in the present digital signature file. - FIG. 3 is a flow chart showing the process of the digital signature analyzing and
processing unit 210 of the digital signature display apparatus of the present embodiment. As shown in FIG. 3, the digital signature analyzing andprocessing unit 210 receives the digital signature file name entered from theentry unit 204 and analyzes the digital signature. - Now, the processing will be described by way of the case in which the digital signature file dsign.xml shown in FIG. 5 is designated.
- At
step 301, the designated digital signature file dsign.xml shown in FIG. 5 is read from themagnetic disc unit 203, and the digital signature is retrieved from the file. In the present embodiment, the presence of the digital signature is recognized by retrieving the data enclosed between the tags <Signature> and </Signature>. - At
step 302, if there is no digital signature in the designated digital signature file, or only digital signatures already analyzed therein, then the processing is terminated. If a digital signature not analyzed is detected, the program sequence proceeds to step 303. - At
step 303, the detected digital signature is analyzed to retrieve the digital signature object data. In the digital signature file in FIG. 5, the data represented by the digital signature object data identifier “All” in the tag <Reference IDREF=“ALL”> inline 004 is retrieved. As a result of the retrieval, it is recognized that the data from <Object ID=“ALL> inline 023 to </Object> inline 047 in the digital signature file is the signature object data. The term “identifier” used herein is data which identifies the particular data. The data identified by the identifier may be external of the digital signature file. In this case, the digital signature object data identifier is represented in, for example, URI form. - The file which includes the digital signature object data is hereinafter referred to as “digital signature data file”.
- At
step 304, verification of the digital signature is performed to determined whether or not the digital signature is true, and an information on the signatory is obtained. In the digital signature file dsign.xml in FIG. 5, the information on the signatory is described in a portion “CN=Tomita Taminori, O=Hitachi, C=JP” between the tags <X509Name> and </X509Name> inline 017. - At
step 305, the field of the digital signature object data established atstep 303, the digital signature object data file name, the signatory obtained atstep 304 and the result of the signature verification are output as a digital signature analysis result. - An example of the digital signature analysis result is shown in FIG. 6. The result comprises the digital signature file name, signatory information, digital signature object data file name, signature object data identifier and the signature verification result.
- After outputting the digital signature analysis result, the program sequence returns to step302 again. If there is unanalyzed digital signature, steps 303 to 304 are repeated. When the analysis of the digital signature existing in the digital signature file is completed, then processing is terminated. The processing may be terminated subject to a completion of analysis of all target digital signatures.
- After termination of the processing of the digital signature analyzing and
processing unit 210, processing in the digital signature display image generating andprocessing unit 211 is initiated. As shown in FIG. 4, the digital signature display image generating andprocessing unit 211 inputs the digital signature analysis result from the digital signature analyzing andprocessing unit 210 and generates an image representing the digital signature object. - At
step 401, the digital signature analysis result from the digital signature analyzing and processing unit is input. - At
step 402, if undisplayed digital signature analysis result is not in the digital signature analysis result, the processing is terminated. When an undisplayed digital signature exists, the program sequence will proceed to step 403. - At
step 403, the digital signature object data file shown in the undisplayed digital signature analysis result is displayed. When the digital signature object data file is already displayed, the processing is omitted. An example of the display of the digital signature object data file dsign.xml in case of FIG. 6 is shown in FIG. 7. - At
step 404, a frame, which represents the field of the digital signature object data among the digital signature object data file displayed atstep 403, is generated. A display example in case of FIG. 6 is shown in FIG. 8. Areference numeral 101 denotes the frame which represents the field of the digital signature object data. - At
step 405, a result of the digital signature analysis, which is represented by the frame indicating the field of the digital signature object data displayed atstep 404, is displayed. An example of the display in case of FIG. 6 is shown in FIG. 1.Reference numerals frame 101, respectively. - The signature analysis result may be displayed by colors or symbols other than character array as shown in FIG. 1.
- Alternatively, the signature verification result may be represented by, for example, the color of the
display frame 101. - After completion of
step 405, the program sequence will returns to step 402 again. If undisplayed digital signature analysis result exists, then steps 403 to 405 are repeated. When generation of the image of the digital signature analysis result is completed, the processing is terminated. The processing may be terminated subject to a completion of the generation of all of the images of the digital signature analysis results. - As described above, in the digital signature display apparatus of the present embodiment, it is possible to confirm what contents are digitally signed by whom without requiring a number of operations to display the information on the signatory and the data content of the signature object on a screen.
- Although the digital signature analyzing and
processing unit 210 and the digital signature display image generating andprocessing unit 211 are implemented in all-in-one device in present embodiment, they may be implemented by discrete devices. - FIG. 9 shows an example of second digital
signature file dsign 2. xml which is described in XML. - The second digital signature file comprises a first
digital signature 901 of tag <Signature> inline 002 to tag </signature> inline 023 and a seconddigital signature 903 inlines 024 to 045. - A tag signature
object data identifier 902 in FIG. 9 identifies the signature object data of the firstdigital signature 901. Theidentifier 902 is designated in the tag <Reference>. The data represented by theidentifier 902 is enclosed between the tags <Object Id=“author”> inline 033 in the file dsign.xml in FIG. 5. A specific example of theidentifier 902 may be “http://home/dsign.htm#author”. - Similarly, the
signature object identifier 904 in FIG. 9 is an identifier for identifying the signature object data of the seconddigital signature 903. The data represented by thesignature object identifier 904 is the location enclosed between a tag <Object Id=“title”> in theline 034 and the tag /Object> in theline 045 in the file dsign.xml in FIG. 5. A detailed example of thesignature object identifier 904 may be “http://home/dsign.html#title”. - A result which is obtained by processing such a second digital signature file in said digital signature analyzing and
processing unit 210 is shown in FIG. 10. - FIG. 10 shows a result of the digital signature analyzing of the second digital signature file.
Reference numeral 1001 in the drawing denotes a result of digital signature analysis of the firstdigital signatures 901, andreference numeral 1002 in the drawing denotes a result of digital signature analysis of the seconddigital signatures 903. - Subsequently, a digital signature display image is generated by processing the result of the digital signature analysis shown in FIG. 10 in the digital signature display image generating and
processing unit 211. - An example of the displayed image of the second digital signature file is shown in FIG. 11. A
display frame 1101 denotes the range of the signature object of the firstdigital signature 901.Signature information 1102 is the information relating to the signature analyzing result of the firstdigital signature 901. Similarly, adisplay frame 1103 denotes the range of the signature object of the seconddigital signature 903 andsignature information 1104 is information relating to the signature analyzing result of the seconddigital signature 903. - As described above, in the digital signature display apparatus of the present embodiment, it is possible to confirm what content is digitally signed by whom without requiring a number of operations to display the content of the digital signature object file, the field of the digital signature object and the information on the digital signatory on one screen even if the data of the digital signature object is part of the file. It is also possible to do so if one signature object file is signed by a plurality of signatories.
- FIG. 12 shows an example of a third digital signature file dsign3.xml which is described in XML.
- The third digital signature file comprises the first
digital signature 1201 inlines 002 to 018 and the seconddigital signature 1203 inlines 020 to 036. - The signature object data of the first
digital signature 1201 is afield 1202 represented by an identifier “ALL” inlines 019 to 049. Similarly, the data which is the object of verification of the seconddigital signature 1203 is afield 1204 represented by an identifier “title” inlines 037 to 048. - A result obtained by processing the third digital signature file in the digital signature analyzing and
processing unit 210 is shown in FIG. 13. - FIG. 13 shows the result of the digital signature analysis of the third digital signature file.
Reference numeral 1301 in the drawing denotes a result of digital signature analysis of the firstdigital signatures 1201, andreference numeral 1302 in the drawing denotes a result of digital signature analysis of the seconddigital signatures 1203. - Subsequently, a digital signature display image is generated by processing the result of the digital signature analysis shown in FIG. 13 in the digital signature display image generating and
processing unit 211. - An example of the displayed image of the third digital signature file is shown in FIG. 14. A
display frame 1401 denotes the range of the signature object of the firstdigital signature 1201.Signature information 1402 is the information relating to the signature analyzing result of the firstdigital signature 1201. Similarly, adisplay frame 1403 denotes the range of the signature object of the seconddigital signature 1203 andsignature information 1404 is information relating to the signature analyzing result of the seconddigital signature 903. - It can readily be confirmed from the relation of inclusion of the display frames1401 and 1403 that the first
digital signature 1201 is the signature for the field represented by the identifier “title” and the data including the seconddigital signature 1203. - As described above, according to the digital signature display apparatus of the present embodiment, it is possible to confirm what content is digitally signed by whom based upon the relationship of inclusion of the fields of the digital signature objects even if the data of the digital signature object is signed by a plurality of digital signatories.
- A way of displaying the field of the signature object data in accordance with the present invention is not limited to the above-mentioned embodiments. For example, it may be displayed by displaying the changed color of the screen background in lieu of frame line in the embodiments.
- The content of the display of the signature information in accordance with the present invention is not limited to the above-mentioned embodiments. For example, the information on the signatory and the signature verification result of the embodiment may be displayed.
- The signature verification result may be displayed. The signature verification result may be separately displayed.
- The method of digital signature in accordance with the present invention is not limited to the above-mentioned embodiments. The present invention is applicable to another method of digital signature including at least the signature object data and information specifying the information on the signatory.
- In other words, the present invention may be embodied without departing from the gist that the content of the file including digitally signed data, the field of the digital signature object and the signature information is displayed in means for representing the digital signature.
- Since the content of the file including the data of the digital signature object is displayed and the field of the digital signature object and the digital signature information is two-dimensionally superposed thereon in accordance with the present embodiment, it is possible to confirm the relationship among various digital signatures such as partial or multiple signatures without necessity of a number of operations.
- In accordance with the present invention, it is possible to readily note the content of the data which is to be digitally signed.
Claims (14)
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2001-136827 | 2001-05-08 | ||
JP2001136827A JP4103340B2 (en) | 2001-05-08 | 2001-05-08 | Digital signature display device |
Publications (1)
Publication Number | Publication Date |
---|---|
US20020174338A1 true US20020174338A1 (en) | 2002-11-21 |
Family
ID=18984026
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US09/940,594 Abandoned US20020174338A1 (en) | 2001-05-08 | 2001-08-29 | Digital signature verification apparatus |
Country Status (3)
Country | Link |
---|---|
US (1) | US20020174338A1 (en) |
EP (1) | EP1257083A3 (en) |
JP (1) | JP4103340B2 (en) |
Cited By (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050071385A1 (en) * | 2003-09-26 | 2005-03-31 | Rao Bindu Rama | Update package catalog for update package transfer between generator and content server in a network |
US20060031678A1 (en) * | 2004-08-09 | 2006-02-09 | Canon Kabushiki Kaishi | Image processing apparatus and its method |
US20070016783A1 (en) * | 2005-07-14 | 2007-01-18 | Satoshi Saito | Image forming apparatus for generating electronic signature |
US20070061582A1 (en) * | 2005-09-09 | 2007-03-15 | Canon Kabushiki Kaisha | Image processing method, image processing apparatus, and storage medium |
US7406599B1 (en) * | 2004-04-06 | 2008-07-29 | Adobe Systems Incorporated | Indicating status for digital signatures |
US20090165113A1 (en) * | 2007-12-21 | 2009-06-25 | International Business Machines Corporation | Systems, methods and computer program products for firewall use of certified binaries |
US8526940B1 (en) | 2004-08-17 | 2013-09-03 | Palm, Inc. | Centralized rules repository for smart phone customer care |
US8578361B2 (en) | 2004-04-21 | 2013-11-05 | Palm, Inc. | Updating an electronic device with update agent code |
US8752044B2 (en) | 2006-07-27 | 2014-06-10 | Qualcomm Incorporated | User experience and dependency management in a mobile device |
US8893110B2 (en) | 2006-06-08 | 2014-11-18 | Qualcomm Incorporated | Device management in a network |
US20220334969A1 (en) * | 2020-12-21 | 2022-10-20 | Aux Mode Inc. | Multi-cache based digital output generation |
Families Citing this family (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2004234641A (en) * | 2003-01-08 | 2004-08-19 | Kddi Corp | Method for authenticating contents file producer, and program thereof |
JP2004260664A (en) * | 2003-02-27 | 2004-09-16 | Nec Corp | Xml signature generation system with time stamp imparting function, device, method, and program |
US7347479B2 (en) * | 2004-04-21 | 2008-03-25 | Asmo Co., Ltd. | Sunvisor device for a vehicle |
JP2006260239A (en) * | 2005-03-17 | 2006-09-28 | Murata Mach Ltd | Document management device and program |
JP4993674B2 (en) * | 2005-09-09 | 2012-08-08 | キヤノン株式会社 | Information processing apparatus, verification processing apparatus, control method thereof, computer program, and storage medium |
JP5013694B2 (en) * | 2005-09-09 | 2012-08-29 | キヤノン株式会社 | Image processing method, image processing apparatus, program code, and storage medium |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5214702A (en) * | 1988-02-12 | 1993-05-25 | Fischer Addison M | Public key/signature cryptosystem with enhanced digital signature certification |
US5465299A (en) * | 1992-12-03 | 1995-11-07 | Hitachi, Ltd. | Electronic document processing system and method of forming digital signature |
US5872848A (en) * | 1997-02-18 | 1999-02-16 | Arcanvs | Method and apparatus for witnessed authentication of electronic documents |
US5912974A (en) * | 1994-04-05 | 1999-06-15 | International Business Machines Corporation | Apparatus and method for authentication of printed documents |
US5966445A (en) * | 1995-05-26 | 1999-10-12 | Korea Telecommunication Authority | Identification scheme single or multi-digital signature scheme giving message recovery single or multi-digital signature scheme with appendix key exchange scheme and blind digital signature scheme |
US6324650B1 (en) * | 1998-03-16 | 2001-11-27 | John W.L. Ogilvie | Message content protection and conditional disclosure |
US6367013B1 (en) * | 1995-01-17 | 2002-04-02 | Eoriginal Inc. | System and method for electronic transmission, storage, and retrieval of authenticated electronic original documents |
US6470448B1 (en) * | 1996-10-30 | 2002-10-22 | Fujitsu Limited | Apparatus and method for proving transaction between users in network environment |
US6671805B1 (en) * | 1999-06-17 | 2003-12-30 | Ilumin Corporation | System and method for document-driven processing of digitally-signed electronic documents |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6012098A (en) * | 1998-02-23 | 2000-01-04 | International Business Machines Corp. | Servlet pairing for isolation of the retrieval and rendering of data |
-
2001
- 2001-05-08 JP JP2001136827A patent/JP4103340B2/en not_active Expired - Fee Related
- 2001-08-29 US US09/940,594 patent/US20020174338A1/en not_active Abandoned
- 2001-08-31 EP EP01121001A patent/EP1257083A3/en not_active Withdrawn
Patent Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5214702A (en) * | 1988-02-12 | 1993-05-25 | Fischer Addison M | Public key/signature cryptosystem with enhanced digital signature certification |
US5465299A (en) * | 1992-12-03 | 1995-11-07 | Hitachi, Ltd. | Electronic document processing system and method of forming digital signature |
US5912974A (en) * | 1994-04-05 | 1999-06-15 | International Business Machines Corporation | Apparatus and method for authentication of printed documents |
US6367013B1 (en) * | 1995-01-17 | 2002-04-02 | Eoriginal Inc. | System and method for electronic transmission, storage, and retrieval of authenticated electronic original documents |
US5966445A (en) * | 1995-05-26 | 1999-10-12 | Korea Telecommunication Authority | Identification scheme single or multi-digital signature scheme giving message recovery single or multi-digital signature scheme with appendix key exchange scheme and blind digital signature scheme |
US6470448B1 (en) * | 1996-10-30 | 2002-10-22 | Fujitsu Limited | Apparatus and method for proving transaction between users in network environment |
US5872848A (en) * | 1997-02-18 | 1999-02-16 | Arcanvs | Method and apparatus for witnessed authentication of electronic documents |
US6324650B1 (en) * | 1998-03-16 | 2001-11-27 | John W.L. Ogilvie | Message content protection and conditional disclosure |
US6671805B1 (en) * | 1999-06-17 | 2003-12-30 | Ilumin Corporation | System and method for document-driven processing of digitally-signed electronic documents |
Cited By (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050071385A1 (en) * | 2003-09-26 | 2005-03-31 | Rao Bindu Rama | Update package catalog for update package transfer between generator and content server in a network |
US7694293B2 (en) * | 2003-09-26 | 2010-04-06 | Hewlett-Packard Development Company, L.P. | Update package catalog for update package transfer between generator and content server in a network |
US7406599B1 (en) * | 2004-04-06 | 2008-07-29 | Adobe Systems Incorporated | Indicating status for digital signatures |
US7694145B1 (en) * | 2004-04-06 | 2010-04-06 | Adobe Systems Incorporated | Indicating status for digital signatures |
US8578361B2 (en) | 2004-04-21 | 2013-11-05 | Palm, Inc. | Updating an electronic device with update agent code |
US7747863B2 (en) * | 2004-08-09 | 2010-06-29 | Canon Kabushiki Kaisha | Image processing apparatus and its method |
US20060031678A1 (en) * | 2004-08-09 | 2006-02-09 | Canon Kabushiki Kaishi | Image processing apparatus and its method |
US8526940B1 (en) | 2004-08-17 | 2013-09-03 | Palm, Inc. | Centralized rules repository for smart phone customer care |
US20070016783A1 (en) * | 2005-07-14 | 2007-01-18 | Satoshi Saito | Image forming apparatus for generating electronic signature |
US8108669B2 (en) * | 2005-07-14 | 2012-01-31 | Ricoh Company, Ltd. | Image forming apparatus for generating electronic signature |
US20070061582A1 (en) * | 2005-09-09 | 2007-03-15 | Canon Kabushiki Kaisha | Image processing method, image processing apparatus, and storage medium |
US8893110B2 (en) | 2006-06-08 | 2014-11-18 | Qualcomm Incorporated | Device management in a network |
US8752044B2 (en) | 2006-07-27 | 2014-06-10 | Qualcomm Incorporated | User experience and dependency management in a mobile device |
US9081638B2 (en) | 2006-07-27 | 2015-07-14 | Qualcomm Incorporated | User experience and dependency management in a mobile device |
US7913299B2 (en) | 2007-12-21 | 2011-03-22 | International Business Machines Corporation | Systems, methods and computer program products for firewall use of certified binaries |
US20090165113A1 (en) * | 2007-12-21 | 2009-06-25 | International Business Machines Corporation | Systems, methods and computer program products for firewall use of certified binaries |
US20220334969A1 (en) * | 2020-12-21 | 2022-10-20 | Aux Mode Inc. | Multi-cache based digital output generation |
US11853217B2 (en) * | 2020-12-21 | 2023-12-26 | Aux Mode Inc. | Multi-cache based digital output generation |
Also Published As
Publication number | Publication date |
---|---|
EP1257083A2 (en) | 2002-11-13 |
JP2002333835A (en) | 2002-11-22 |
JP4103340B2 (en) | 2008-06-18 |
EP1257083A3 (en) | 2005-06-08 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20020174338A1 (en) | Digital signature verification apparatus | |
US9081756B2 (en) | Method and apparatus for populating a form with data | |
JP5753350B2 (en) | Method and computer program for enhancing screen capture function for form manipulation | |
US9009078B2 (en) | Optical character recognition technique for protected viewing of digital files | |
JP3801120B2 (en) | Identification system based on PDA / mobile phone screen multiple 1D barcode reading | |
US7188307B2 (en) | Access system | |
TWI237191B (en) | Method of extracting a section of a page from a portable document format file, system for extracting a section of a page of a portable document format file, and computer readable medium containing executable instructions | |
US7861307B2 (en) | Unlocking digital content on remote systems | |
US7024558B1 (en) | Apparatus and method for authenticating digital signatures and computer-readable recording medium thereof | |
US20070043670A1 (en) | Tags for unlocking digital content | |
CN101582083A (en) | Web-based detection in image, extraction and recognition | |
US7406599B1 (en) | Indicating status for digital signatures | |
CN109271757B (en) | Off-line activation method and system for software | |
US20040153660A1 (en) | Systems and methods for increasing the difficulty of data sniffing | |
US7844080B2 (en) | Image processing system and image processing method, and computer program | |
US7681049B2 (en) | Imaging apparatus | |
US20070043671A1 (en) | Protected viewing of digital files | |
US20050166055A1 (en) | Information, transformation and reverse transformation processing | |
JP6852337B2 (en) | Information processing equipment, information processing programs, information processing systems and information processing methods | |
US20070043669A1 (en) | Techniques for protected viewing of digital files | |
EP1670236A2 (en) | Image data registration and verification methods and apparatus | |
US7113301B2 (en) | System and method for automated access of a network page | |
US20040148260A1 (en) | Information processing apparatus, information processing system, information processing method, and program product | |
US20030028559A1 (en) | Method of analyzing a document represented in a markup language | |
US20050245312A1 (en) | Method for accessing an additional content with parental control |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: NATIONAL INSTITUTES OF HEALTH, THE, MARYLAND Free format text: CONFIRMATORY LICENSE;ASSIGNOR:DUKE UNIVERSITY;REEL/FRAME:010416/0915 Effective date: 19990820 |
|
AS | Assignment |
Owner name: DUKE UNIVERSITY, NORTH CAROLINA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:VITEK, MICHAEL P.;REEL/FRAME:013041/0120 Effective date: 20020412 |
|
AS | Assignment |
Owner name: HITACHI, LTD., JAPAN Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:TOMITA, TAMINORI;MIYAZAKI, YUTAKA;REEL/FRAME:015822/0744;SIGNING DATES FROM 20010802 TO 20010806 |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |
|
AS | Assignment |
Owner name: NATIONAL INSTITUTES OF HEALTH (NIH), U.S. DEPT. OF Free format text: CONFIRMATORY LICENSE;ASSIGNOR:DUKE UNIVERSITY;REEL/FRAME:021174/0959 Effective date: 19990819 |